JP5161862B2 - Decryption and decoding of partially encrypted data - Google Patents

Description

  The present invention relates to an encryption system, and more particularly to a system, method and apparatus for performing partial encryption and decryption of a digital television signal.

[Related applications]
This application is filed on June 6, 2001 in Candeloa et al. US Provisional Application No. 60 / 296,673 “Transmits clear video of one content and dual video and audio carriage of other content. Method for Allowing Multiple CA Providers to Interoperate in a Content Delivery System by Sending Video in the Clear for Some Content, and Dual Carriage of Audio and Dual Carriage of Video and Audio for Other Content), U.S. Provisional Application No. 60 / 304,241, filed July 10, 2001, "Freely Selectable Encryption of Dual Carriage Program Content." (Independent Selective Encryptions of Program Content for Dual Carriage) ", July 10, 2001 No. 60 / 304,131 “Method for allowing multiple CA providers to interoperate by partially scrambling content in a time slicing scheme. "Allowing Multiple CA Providers to Interoperate in a Content Delivery System by Partial Scrambling Content on a Time Slice Basis)" and Candeloa et al. US Provisional Application No. 60 / 343,710, filed October 26, 2001, organized by agent No. SNY-R4646P “Television Encryption System”, these related applications are hereby incorporated by reference.

  This application is based on US patent application Ser. No. 10 / 038,217, Anger et al., Attorney Docket No. SNY-R4646.01, “Critical packet Partial Encryption”, US Pat. Application Agent Serial Number SNY-R4646.02 “Time Division Partial Encryption”, US Patent Application No. 10 / 037,914 to Anger et al., Agent Serial Number SNY1-R4646.03 “Elementary Stream Partial Encryption” and US Pat. Application No. 10 / 037,499 to Anger et al., Agent Reference Number SNY-R4646.04 “Partial Encryption and Packet Identifier Mapping (Partial (Encryption and PID Mapping) ”. These concurrently filed US applications are hereby incorporated by reference.

[Copyright notice]
Part of the disclosure content of this specification includes material that is subject to copyright protection. The copyright owner will not object to fax copies or patent disclosures where this specification is deemed to be a patent application or record to the Patent and Trademark Office, but retains all other copyrights.

  Television systems are used to deliver entertainment and educational programs to viewers. Source material (audio data, video data, etc.) is multiplexed into a combined signal, which is used to modulate the carrier wave. This carrier wave is commonly known as a channel (a typical channel is one analog program, one or two high definition (HD) digital programs, or multiple (eg, nine) standard definition digital Can send programs). In a terrestrial system, these channels correspond to government assigned frequencies and are broadcast by radio waves. The program is distributed to the receiver, and the receiver includes a tuner. The tuner detects a signal from the radio wave and supplies the signal to the demodulator. The demodulator outputs the video to the display and the sound from the speaker. In a cable system, the modulation channel is sent via a cable. It is also possible to provide a program guide showing programs that can be viewed and related channel selection information within or outside the channel band. In a cable system, the number of channels is limited, i.e. limited by the bandwidth of the equipment and cable. Cable laying systems (CABLE distribution systems) require significant capital investment and are expensive to improve.

  Much of the television content is valuable to its producers, so the copyright owner wants to control access and restrict copying. Examples of typical copyright-protected materials include feature films, sports competition programs, and adult programs. The conditional access (hereinafter referred to as CA) method is used to control program viewing (availability) in a content distribution system such as a cable system. The CA method is incorporated in a head end of a cable system, and encrypts paid content (premium content) and a set-top box (hereinafter referred to as STB) installed in a user's home. , Provided as a matched set with the part to be decoded. In the cable television industry, several CAs are available, including those offered by NDS (Newport Beach, California, USA), Motorola (Schaumburg, Illinois, USA), and Scientific Atlanta (Atlanta, Georgia, USA). The method is used. Due to the situation where the encryption and decryption units in the CA scheme must be matched, the “legacy” STB manufacturer must continue to supply this STB. The various conditional access technologies are incompatible (and often proprietary), so new entrants are forced to license the old-fashioned CA scheme . Therefore, CA-based technology holders are often unwilling to charge for cooperation or a reasonable fee, and cable TV operators can find newer or competing technologies from other set-top box manufacturers. I can't get it. Since there is no technical compatibility in this way, there is a particular problem when cable television companies adopting different CA systems merge. Service providers want to have multiple STB suppliers for a number of reasons.

  Once a cable television operator adopts a certain content encryption scheme, the content encryption scheme is changed or updated without introducing a backward compatible decryption device (for example, a set-top box). It becomes difficult. Even if the STB manufacturer has the technology to provide multiple decryption functions, if the new set-top box has a multi-mode function that supports multiple encryption schemes, the new set-top box will have considerable It costs money.

  The only currently known option to avoid dominance by older STB manufacturers is to use a “full dual carriage” (except for a large replacement). Full dual carriage means that each encrypted program is transmitted twice for each type of CA encryption used. In order to provide a full dual carriage, the head end must be augmented to provide each CA scheme simultaneously. Whatever the change, the old STB is unaffected and must continue to perform its functions. However, in the full dual carriage, in many cases, the number of programs that can be viewed must be reduced in order to avoid overlapping bands, which is an unacceptable fee. Usually, when the number of pay channels decreases, the options available to viewers are limited, and the value that cable TV operators can provide is also limited.

  FIG. 1 is a block diagram showing a configuration of a conventional cable system. In this cable system, a cable television operator uses a CA encryption device 18 that conforms to method A at the cable system head end 22 and uses the CA technology of manufacturer A (method A) to produce audio / video (A / V) content. 14 is processed. In the encrypted A / V content, system information (hereinafter referred to as SI) 26 and program specific information (hereinafter referred to as PSI) 27 are multiplexed, and the user's information is transmitted via the cable system 32. It is transmitted to the STB 36. The STB 36 incorporates a CA decryption device of CA system A (manufacturer A) that decrypts encrypted A / V content. The decrypted A / V content is supplied to the television receiver 44 and viewed by the user.

  In the cable system as shown in FIG. 1, the digital program stream is divided into packets and transmitted. A packet identifier (packet identifier: hereinafter referred to as PID) is added to a packet of each component (video data, audio data, auxiliary data, etc.) of the program. These packet streams for each component of all programs sent in the channel are combined into one composite stream. The composite stream also includes additional packets with decryption keys and other overhead information. If there are no additional packets, the unused bandwidth is filled with empty packets. Bandwidth allocation is usually adjusted to use about 95% of the available channel bandwidth.

  Overhead information typically includes guide data that indicates how to locate a viewable program and its associated channels and components. This guide data is also known as system information, ie SI. The SI can be delivered to the STB in-band (as part of the encrypted data in the channel) or out-of-band (using a special channel dedicated for this purpose). The SI distributed electronically may be a partial copy of a program guide of the conventional type, that is, described in newspapers and magazines.

  In order for viewers to enjoy satisfactory television viewing, it is generally desirable to be able to access both audio and video content in a clear state (clear). Some analog cable systems use various filtering techniques to hide the video content so that unauthorized viewers who have not paid for it cannot receive the program. In such an analog cable system, the analog audio content may be sent clear. Motorola's VideoCipher 2 Plus (trademark) method used for C-band satellite communications combines strong digital audio encryption with relatively weak (using sync reversal) protection of analog video data. Is used. The airline in-flight movie system uses a method in which only passengers who have rented headphones for a fee can fully view audio and video.

  In the decoding method for decoding the partially encrypted content according to the present invention, the unencrypted content, the first encrypted content encrypted based on the first encryption method, and the second Receiving the partially encrypted content including the second encrypted content encrypted based on the encryption method, decrypting the second encrypted content, and decrypting the unencrypted content The partially encrypted content is decoded by decoding the second content.

  The television receiver according to the present invention comprises a receiving means for receiving a partially encrypted television signal identified by a packet associated with a first packet identifier or a second packet identifier; And a decoder for decoding a partially encrypted television signal by decoding a packet having a second packet identifier together with a packet having a first packet identifier With.

  The television apparatus according to the present invention includes a plurality of non-encrypted elementary stream packets, a first packet encrypted based on the first encryption algorithm, and an encryption based on the second encryption algorithm. A receiver for receiving a plurality of dual encrypted packet pairs of encrypted second packet pairs; a decoder for decrypting the encrypted packets; and decrypting the unencrypted packets A decoder that decodes the received packet to generate a television signal. Here, the television signal is composed of a pair of an unencrypted packet and a dual encrypted packet.

  The circuit according to the present invention comprises an unencrypted packet having a first packet identifier, an encrypted packet having a first packet identifier, and an encrypted packet having a second packet identifier. Input means for receiving an input stream of packets, packet identifier reading means for reading packet identifiers of packets in the input stream of packets and excluding encrypted packets having the first packet identifier, and second packet identifiers A packet identifier remapping circuit for remapping to a first packet identifier and generating a remapped packet; and multiplexing the remapped packet into an unencrypted packet having the first packet identifier; A multiplexer that produces an output stream of packets Obtain.

It is a block diagram which shows the structure of the conventional conditional access cable system. It is a block diagram which shows the structure of the system which transmits dual encryption audio data with clear video data shown as an Example of this invention. It is a block diagram which shows the structure of the system shown as an Example of this invention in which a part of program is dual-encrypted based on a time slice mechanism. It is a flowchart of the dual encryption process shown as an Example of this invention. It is a flowchart of an encryption process shown as an Example of this invention. It is a block diagram which shows the structure of the system shown as an Example of this invention in which a part of program is dual-encrypted for every packet. It is a flowchart of the dual encryption process shown as an Example of this invention. It is a flowchart of an encryption process shown as an Example of this invention. It is a block diagram which shows the structure of the system shown as an Example of this invention in which system information is encrypted and a program is transmitted in a clear format. 1 is a block diagram illustrating a comprehensive system configuration corresponding to various embodiments of the present invention. FIG. It is a block diagram which shows the 1st implementation example of the cable system head end shown as an Example of this invention. It is a block diagram which shows the 2nd implementation example of the cable system head end shown as an Example of this invention. It is a flowchart of the encryption process in a cable system head end shown as an Example of this invention. It is a block diagram which shows the 1st implementation example of the decoding system implement | achieved by the set top box shown as an Example of this invention. It is a block diagram which shows the 2nd implementation example of the decoding system implement | achieved by the cable system STB shown as an Example of this invention. It is a block diagram which shows the 3rd implementation example of the decoding system implement | achieved by the cable system STB shown as an Example of this invention. In the Example of this invention, it is a figure explaining the PID remapping process performed by the set top box PID remapping device. It is a figure which shows the specific structural example of the decoder chip used in the set top box based on this invention.

  While the invention has many different embodiments, the specific embodiments described in detail with reference to the drawings are intended to be regarded as examples of the spirit of the invention. It is not limited to a specific embodiment. In the embodiments to be described later, like reference numerals denote like, similar or corresponding parts in the drawings. The terms “scramble”, “encrypt” and their conjugations are used interchangeably herein. Also, the term “television program” and similar terms have the meaning used for everyday conversation and any segment of A / V content that can be displayed on a television receiver or similar monitor device. It also means.

Overview Current digital cable networks often use a CA scheme that fully encrypts digital audio and video data to ensure that only properly subscribed subscribers can view the program. . This encryption is intended to prevent hackers and non-paying subscribers from receiving programs. However, since cable television operators want subscribers to be able to provide any product of multiple set-top box manufacturers, multiple encryption technologies that support each STB manufacturer's CA scheme. Must be used to send multiple encrypted copies of one program.

  The need to transmit multiple copies of a program (referred to as "full dual carriage") also uses up valuable bandwidth that can provide viewers with additional program content. In one embodiment of the invention, to address this problem, the bandwidth required to transmit the equivalent of multiple carriages is minimized. As a result, an effect equivalent to that of a full dual carriage can be obtained without using the entire band, and this method is called “virtual dual carriage”. Some embodiments of the present invention effectively achieve partial scrambling. There are various embodiments depending on the criteria for selecting which part to encrypt. Depending on the part to be selected, the newly required bandwidth and the effect of encryption change. It is preferable to use one encryption process or a combination of encryption processes in a manner consistent with embodiments of the present invention.

  The partial dual encryption disclosed herein uses an additional (ie, second) packet identifier (PID) for each replicated component. These second PIDs are used as tags for packets that carry a copy of the content encrypted by another encryption method. Program specific information (PSI) carries information about the presence of these new second PIDs so that the inserted second PID is ignored by the old STB and can be easily extracted by the new STB. Has been extended.

  Embodiments of partial dual encryption include duplicating only packets having a predetermined PID. A method for selecting a packet to be encrypted will be described in detail later. The original (ie, old) PID is still tagged as a packet, not only for packets that are transmitted in the clear, but also for packets encrypted with the old encryption scheme. The new PID is used as a tag of the packet encrypted by the second encryption method. The packet with the second PID shadows the encrypted packet with the first PID. The packets that make up the encrypted pair may be transmitted in any order, but preferably preserve the sequence of the unencrypted portion of the PID stream. As will be apparent from the following description, by using the first and second PIDs, the decoder built in the set top box uses the decoding method of the set top box itself to decode which packet. Can be easily determined. The PID processing method will be described later in detail.

  The encryption techniques described here are roughly divided into three (as one classification method), that is, a technique for encrypting only a main part (that is, audio data), a technique for encrypting only SI, and a selected packet. Can be classified into encryption technology. In general, each encryption technique used in the embodiments described herein encrypts a portion of the A / V signal or related information and clears the remaining portion of the A / V signal. Save width. The reason for saving bandwidth is that the same clear part can be sent to all kinds of set-top boxes. Various methods are used to select a portion of information to be encrypted. Thus, in various embodiments of the present invention, a conventional "brute-force" that encrypts the entire content with one specific scramble scheme, i.e., where more than one scramble scheme is desired. This eliminates the need for redundantly wasting technology. Also, each partial dual encryption method described here can be used as one partial encryption method without departing from the embodiment of the present invention.

  In various embodiments of the present invention, multiple processes may be used alone or in combination to send substantive portions of the content in a clear form (without encryption), while the content is correctly Only information with a small amount of data required for reproduction is encrypted. Thus, while copying the entire desired program stream, the amount of information that is uniquely encrypted and transmitted in a specific scrambling scheme is only a fraction of the content. In the specific system in this specification, the encryption method A is considered to be outdated. Some of the encryption techniques described above are described in detail below.

  Each CA scheme used in various embodiments of the present invention can operate independently. Each CA method is orthogonal to other methods. Each CA scheme encrypts its own packet, so no key sharing is required at the headend. Different CA key systems (different key epochs) may be used. For example, packets encrypted with Motorola proprietary encryption schemes can use fast changing encryption keys generated by the embedded security ASIC, while NDS smart card based schemes The packet encrypted with can use a modified encryption key that is slightly slower than that. The system of this embodiment works equally well with the older encryption schemes of Scientific Atlanta and Motorola.

Encrypted elementary stream (ENCRYPTED ELEMENTARY STREAM)
The system 100 shown in FIG. 2 is one example of a system that reduces the need for additional bandwidth to provide multiple carriages. In this embodiment, the system 100 takes advantage of the fact that it is normally not preferred to watch a television program without listening to audio. Although there are exceptions (for example, adult programs, certain sports competition programs, etc.), general viewers are not able to accept television and watch television programs on a daily basis. Therefore, at the head end 122, the video data 104 is broadcasted via the cable network in a clear (not encrypted) manner, but the clear audio data 106 is broadcast after being supplied to a plurality of CA devices. In the specific system 100, the clear audio data 106 is supplied to an encryption device 118 that encrypts the audio data using encryption method A (encryption method A is the old-fashioned in this specification). Encryption method). At the same time, the clear audio data 106 is supplied to the encryption device 124 that encrypts the audio data using the encryption method B. The clear video data is multiplexed with the encrypted audio data (audio A, audio B) from the encryption devices 118 and 124, system information 128, and program identification information 129.

  Video data, system information, program identification information, audio A and audio B are all distributed via the cable system 32 and then received by set top boxes (STB) 36 and 136. In the old STB 36, the video data is displayed on the television receiver 44, and the encrypted audio data is decrypted by the CA system A40 and reproduced by the television receiver 44. Similarly, in the new STB 136, the video data is displayed on the television receiver 144, and the encrypted audio data is decrypted by the CA system B140 and reproduced by the television receiver 144.

  Audio data requires less bandwidth than a complete A / V program (or even compared to a video data-only part). When stereo audio data is transmitted at 384 kb / s, the current maximum bit rate is about 10% of a 3.8 Mb / s television program. Therefore, in a 10-channel system sent by 256QAM (Quadrature Amplitude Modulation), with a dual carriage of encrypted audio data only (video data is transmitted without being encrypted), a bandwidth loss (loss) of about 1 channel is obtained. ) Only occurs. Therefore, about 9 channels can be transmitted. This is a significant improvement over the case where all channels need to be dual encrypted and the number of transmittable channels is reduced from 10 to 5. For example, in a sports competition program, a pay-per-view program, an adult program, and the like, both audio data and video data can be dual-encrypted as before.

  Both the old set-top box and the new set-top box receive clear video data in the normal way and audio in the same way that is used to completely decrypt the encrypted A / V content. Can function to decrypt data. If the user has not applied for viewing a program encrypted in the manner described above, the user can at best only view the video without listening to the audio. In order to increase the security of the video data, other embodiments (to be described later) of the present invention can also be used here. (For example, SI may be scrambled to make it difficult for an unauthorized set-top box to select the video data portion of a program.) An unauthorized set that has not been modified by a hacker When the top box receives the encrypted audio data, the top box is blanked.

  The authorized set top box receives an entitlement control message (ECM) that is used to receive access criteria and descrambling keys. This set-top box applies a descrambling key not only to audio data but also to video data. Since the video data is not scrambled, it passes through the descrambler of the set top box as it is. The set top box does not consider whether the video data is clear. Un-modified and un-subscribed set-top boxes act as un-authorized set-top boxes for clear video data and scrambled audio data . When not only audio data but also video data is actually scrambled, video is not displayed. An on-screen display may be displayed on the screen indicating that the viewer needs to apply for viewing the program. As a result, it is possible to completely prevent the viewer from both accidentally listening to and viewing the content.

  In one embodiment of the invention, the encrypted audio data is distributed as digital packets over the A / V channel. Two (or two or more) audio streams are encrypted and transmitted based on two (or two or more) encryption schemes employed in the set top box of the system 100. In two (or more) STBs, the channel in which the audio data is located from the head end 122 of the system 100 using a service identifier to properly decode and decode the respective audio stream. SI (system information) data for detecting the error is transmitted. This process is realized by assigning a first packet identifier (PID) to CA format A40 audio data and assigning a second packet identifier (PID) to CA format B140 audio data. Although not limited, as one specific example, the following program specific information (PSI) is used to specify the position of audio data in two CA systems using the limited reception technologies of NDS and Motorola, respectively. You may send it. It will be apparent to those skilled in the art that this program specifying information can be applied to other embodiments of partial encryption described later.

  The SI can be sent separately to both older and non-older set top boxes. Also, the SI can be transmitted so that the old set-top box and the non-old set-top box basically operate without interference. The virtual channel table (VCT) in SI delivered to the old set-top box has a service ID “1” for a desired program, for example, HBO referred to as program number 1, and VCT access control Indicates that the bit is set. The network information table (NIT) distributed to the old set top box indicates that the service ID “1” is the frequency 1234. Further, the VCT in the SI distributed to a non-old set-top box has a service ID “1001” for a desired program, for example, an HBO referenced by the program number 1001, and the VCT access control bit is set. It is shown that. The NIT distributed to the non-old model set-top box indicates that the service ID “1001” has the frequency 1234. The PSI data of a broadcast program association table (PAT) shown as an example below is transmitted (in MPEG data structure format) to both old and non-old set top boxes.

  The following specific broadcast program map table (PMT) PSI data is selectively received (in MPEG data structure format) by older and non-older set-top boxes.

  In a specific example suitable for program distribution in a system that employs either the CA system of Motorola or Scientific Atlanta in addition to the CA system of NDS, the communication described above can be changed only slightly. This is consistent with the PSI delivered by both the Motorola and Scientific Atlanta CA systems. The broadcast program related table (PAT) is changed to refer to an additional broadcast program map table (PMT) for each program. In this embodiment, each program has two program numbers in the PAT. In Table 1 above, program number 1 and program number 1001 are the same program, but refer to different audio PIDs and CA descriptors, respectively. In the system 100, a plurality of PMTs can be generated and a new PAT and PMT information can be multiplexed into a data stream by appropriately changing the head end device of the cable system 32. It will be apparent to those skilled in the art that these messages can be encrypted by other partial encryption schemes described in the specification. This method does not require special hardware or software for the headend or old and non-old set-top boxes, and uses this method to distribute audio signals encrypted with old and non-old encryption schemes. There is an advantage that you can.

  Although this technique can prevent the user from hearing the audio of a pay program that the user has not paid for, viewing can be blocked, but the hacker can select the video. To counter this, the mechanisms (as described below) used in other encryption techniques of the present invention may be used simultaneously as needed. In general, since multiplexed character information is transmitted as part of video data, the user can obtain readable audio information together with clear video. Thus, while this technique is suitable for certain applications, it cannot be said to provide sufficient protection for all applications. In other embodiments, video packets that contain character multiplexed information as part of the payload may be further scrambled.

  In other embodiments, only the video data may be dual or multiple encrypted and a separate PID assigned to each set of encrypted video data. This can provide stronger encryption for regular programs (since video data is more important than audio data), but only audio data is shared by all set-top boxes. The amount of bandwidth that can be saved is only about 10% compared to a full dual carriage. Note that this method is used for certain content such as adult programs and sports competition programs, for example, to reduce bandwidth overhead for the content, and for other types of content using audio encryption methods. Also good. A service channel identifier (SCID) that is considered equivalent to a packet identifier in the transport standard of the Digital Satellite Service (DSS) used in the DirecTV (trademark) service ) Can be used to identify audio packet encryption.

Time Slicing Another embodiment of the present invention relates to time slicing and is shown in FIG. In this embodiment, a part of each program is encrypted on a time-dependent basis, and when the user has not paid for the program viewing, the program viewing is stopped. This embodiment of the present invention partially encrypts video data and clears audio data, clears video data and partially encrypts audio data, or video data and This can be realized by partially encrypting audio data. The time slice, i.e. the ratio of the time period being encrypted, to the total time can be chosen so that the balance between the bandwidth used and the security against hackers is optimal. In general, in any of the embodiments described herein, the content is encrypted to less than 100% to produce the desired partially encrypted data. In the following specific example, partial encryption of video data and audio data will be described.

  By way of example and not limitation, a system for dual partially encrypting nine programs according to a specific embodiment of the present invention will be described. These nine channels are supplied to the cable head end 222 as a multiplexed stream of packets and use a packet identifier (PID) to identify packets associated with a particular one of the nine programs. Digitally encoded. In this example, these nine programs have a video PID numbered 101-109 and an audio PID numbered 201-209. The partial encryption based on this embodiment is performed in a time-sharing manner for nine programs so that only one program packet is encrypted at an arbitrary time. This method does not require content-aware.

  With reference to Table 3 below, time slice dual encryption according to an embodiment of the present invention will be described. For program 1 having first video PID 101 and first audio PID 201, in the first period, packets having PID 101 and PID 201 are encrypted using encryption method A, and other packets representing other programs are cleared. Send. In this embodiment, the second PID is also assigned to the video packet and the audio packet. The second PID of program 1 is PID 111 for video packets and PID 211 for audio packets. The packet to which the second PID is assigned is encrypted using the encryption method B in the first period, and is transmitted clearly in the next eight periods. Then, in the period 10, the packet having any one of the four PIDs described above is encrypted again, and is transmitted clear in the subsequent 8 periods. Similarly, the program 2 having the first video PID 102 and the first audio PID 202 is encrypted using the encryption method A in the period 2, and the packet to which the corresponding second PID is assigned is encrypted. Encrypt using B, send it clear for the next 8 periods, and so on. This pattern is evident from the first nine rows of Table 3. With this technique, it is possible to encrypt both audio and video packets, only audio packets, or only video packets without departing from the present invention. In addition, the audio packet and the video packet can have separate encryption sequences. In Table 3, P1 indicates period 1, P2 indicates period 2, and so on. EA indicates that the information is encrypted using CA method A, and EB indicates that the information is encrypted using CA method B.

  In order to maintain compatibility with the conventional old encryption method (encryption method A), the programs 1 to 9 are encrypted using the encryption method A during the encryption period. The old STB device receives the partially encrypted A / V data stream, transparently passes the unencrypted packet, and decrypts the encrypted packet. However, the dual encryption method using both the encryption method A and the encryption method B is preferable. In order to perform dual encryption, certain pay programs have a first PID (eg, video PID 101 and audio PID 201 for program 1) and a second PID (eg, video PID 111 and audio for program 1). Both PIDs 211) are allocated and an elementary data stream of a specific pay channel is transmitted.

  FIG. 3 is a block diagram that schematically illustrates the functionality of the cable system head end 222 in the system 200, where an N-channel clear video packet 208 is transmitted to an intelligent switch 216 (programmed processor). The intelligent switch 216 supplies clear transmission packets to the PID assigner 220, and the PID assigner 220 assigns a first PID to these packets. The packet to be encrypted is supplied to both the CA system A encryptor 218 and the CA system B encryptor 224. The CA system A encryptor 218 and the CA system B encryptor 224 respectively encrypt these packets and supply them to the PID allocator 220. The PID allocator 220, respectively, has a first PID or a second PID. Assign. The clear packet, the CA system A encrypted packet, the CA system B encrypted packet, the system information 228 and the PSI 229 are multiplexed or combined and broadcast via the cable system 32.

  For the sake of explanation, assuming that the time slice period is 100 ms, as shown in Table 3, there is an encryption period of 1.1 (one and a fraction) on average, and a total of 111 ms per second for all nine programs. Become. If the time slice period is 50 ms, there is an average of 2.1 encryption periods, for a total of 111 ms. When trying to tune to a video signal with an unjoined set-top box, no matter what the image can be fixed, only a very poor quality image can be obtained, and the sound becomes unclear.

  The PSI of the partially scrambled stream is processed slightly differently than in the dual audio encryption example described above. Basically, the same SI and PAT PSI information can be sent to both old and non-old set top boxes. The difference is PMT PSI information. The old set-top box analyzes the PMT PSI to obtain the previous first video PID and audio PID. The non-old style set-top box gets the first PID like the old-style set-top box, but in order to see if the data stream is partially scrambled, the CA descriptor in the PMT's PSI Must be examined. A particular CA provider has deliberately scrambled the second PID, and therefore uses a specific CA provider-specific CA descriptor to send that PID. In the present invention, a plurality of CA providers can coexist by making it possible to use two or more second PIDs. The second PID is unique to a particular CA provider. The set top box knows the CA ID of the CA system that it has, and can confirm all CA descriptors related to the CA system.

  The second PID can be sent as private data in the same CA descriptor used in the ECM, but in the preferred embodiment, another CA descriptor is used. The second PID is located in the CA PID field. This allows the headend processor to “see” the PID without analyzing the private data field of the CA descriptor. The difference between the CA descriptor of the ECM and the CA descriptor of the second PID is that a dummy private data value can be transmitted in the CA descriptor of the second PID.

  When the old STB 36 operating based on the CA system A receives data, the old STB 36 ignores the second PID, decrypts the packet encrypted by the CA system A, and displays the program on the television receiver 44. A non-old or new STB 236 receives SI 228. The new STB 236 receives the PSI 229 and uses the PMT to read from the second CA descriptor and identify the first and second PIDs associated with the program to be viewed. A packet encrypted by CA method A is discarded, encrypted by CA method B, and a packet having a second PID is decrypted by CA method B 240 for decoding and representation to television receiver 244. Inserted into a clear data stream.

  FIG. 4 is a diagram showing an encoding process at the head end of a cable system that can be used to realize an embodiment of the present invention. CA system A is an old system, and CA system B is introduced. This is a new method. In step 250, if a given program is provided as a clear packet, then that packet (or frame) is not encrypted (ie, the current time slice of encryption is not for this program), step 254. The clear packet (C) is inserted into the output stream. When the current packet is encrypted by being part of an encryption time slice, the packet is encrypted in step 258 of packet encryption process A and step 262 of packet encryption process B, respectively. The packet encrypted by the encryption process A (EA) in step 258 is inserted into the output stream in step 254. The packet encrypted by the encryption process B (EB) in step 262 is assigned a second PID in step 264 and inserted in the output stream in step 254. This process is repeated for all packets in the program.

  FIG. 5 illustrates a process of decoding and decoding the received data stream including the C packet, the EA packet, and the EB packet having the first and second PIDs, which is used in the STB 236 having the newly introduced CA method B. Show. In step 272, when a packet is received, it is checked whether the packet has a predetermined first PID. If there is no first PID, step 274 checks to see if the packet has a predetermined second PID. If neither the first PID nor the second PID is present, the packet is ignored or discarded at step 278. Any packet between the EA packet and the EB packet that is not the first PID or the second PID is discarded. It is a matter of design and buffering whether the decoder can always receive EA packets before receiving EB packets, or can always receive EB packets before receiving EA packets. Also, it is equally easy to design the second packet to be detected before rather than after the first packet. It is also possible to design the circuit so that the second packet can be received either before or after the first packet. If the packet has a predetermined first PID, it is determined in step 284 whether the packet is encrypted. If not encrypted, the packet (C) is immediately supplied to the decoder and decoded in step 288. If it is determined in step 284 that the packet is encrypted, the packet is considered to be an EA packet and is discarded or ignored in step 278. In some embodiments, the encryption of the first packet is not examined at step 284. Rather, in step 284, the position of the first (second) packet relative to the second (first) packet may simply be detected to identify the first (second) packet.

  In step 274, if the packet has a second PID, the second PID is remapped to the first PID in step 292 (or equivalently, the first PID is the second PID value). Reassigned to The packet is decoded at step 296 and supplied to the packet decoder at step 288 for decoding. Of course, it will be apparent to those skilled in the art that various modifications can be made without departing from the invention. For example, the order of step 292 and step 296 or the order of step 272 and step 274 can be interchanged. it can. As previously mentioned, step 284 can be replaced with detection of the position of the first packet relative to the second packet. Those skilled in the art can envision other changes.

  The old STB 36 operating with the encryption method A completely ignores the second PID packet. The packet having the first PID is decoded as necessary, and when it is a clear packet, it is supplied to the decoder without being decoded. Thus, a so-called “old” STB operating with encryption scheme A properly decrypts and decodes the partially encrypted data stream associated with the first PID, without changing the data stream of the second PID, ignore. The STB operating with encryption scheme B ignores all encrypted packets associated with the first PID and uses the transmitted encrypted packet with the second PID associated with the particular channel. It is programmed.

  Thus, each dual partially encrypted program has two sets of PIDs. When encryption is performed on a period basis for a system indicated by the appropriate time slice interval as described above, the image is basically not visible in the STB with either decryption scheme.

  To implement this system in the headend 322 shown in FIG. 6, the SI and PSI can be modified to include a second set of CA descriptor information. Older STBs cannot tolerate unknown CA descriptors. Thus, instead of being able to “hard code” the offset from the legacy CA PID for both the content PID and / or SI / PSI and the ECM PID in the legacy STB. It may be. Alternatively, a parallel PSI may be sent. For example, an auxiliary PAT can be distributed with PID1000 instead of PID0 for a non-old STB. Non-old-style STBs can reference auxiliary PMTs that are not in the old PAT. The auxiliary PMT can include non-obsolete CA descriptors. Since the auxiliary PMT is not known to older STBs, there is no interoperation problem at the same time.

  In the system A system corresponding to the old STB manufactured by Motorola or Scientific Atlanta, there is no need to change the STB. On the other hand, in the STB compatible with the system B, for the dual carriage of the partially encrypted program described here, there are not only one video and one audio decoder, but two PIDs (first PID and (Second PID) is referenced (listen). Depending on the number of new CA schemes used, there is one or more second shadow PIDs, but a specific STB only references one second PID suitable for the CA scheme used there. (Listen) Don't. Also, it is ideal to ignore encrypted packets from PIDs that mostly carry clear video data or clear audio data. Since ignoring “bad packets” (packets that cannot be easily decoded as they are) is a function already executed in many decoders, it does not need to be changed. In a system using a decoder that does not ignore nonconforming packets, a filter function can be used. Note that the time slice encryption technique can be applied only to video data and audio data. Also, as shown in the above embodiment, video data is time slice encrypted, while audio data is dual encrypted. The time slice encryption technique can be applied to a plurality of programs simultaneously. The number of programs to be encrypted in a certain period varies depending on the bandwidth allocation. Here, an example of scrambling one program at a time is described, but the present invention is not limited to this. Other combinations of encryption techniques described herein will be apparent to those skilled in the art.

Mth N Packet Encryption “Mth & N packet encryption” will be described as another embodiment of the present invention. This is a variation of the embodiment shown as system 200 in FIG. In this embodiment, each PID packet representing one program is encrypted so that the user cannot view the program if the user has not paid for the program. In this embodiment, M represents the number of packets between the start points of each encryption event, and N represents the number of packets that are encrypted continuously after encryption starts once. . N is a number smaller than M. If M = 9 and N = 1, there is one continuous encryption event every 9 packets. If M = 16 and N = 2, there are two consecutive encryption events for every 16 packets. As in the above-described embodiment, each packet subjected to dual partial encryption is duplicated and processed using CA method A 218 and CA method B 224. The difference in operation between this embodiment and the time slice encryption technique described above is that the operation of the switch 216 selects the packet to be encrypted under the control of the programmed processor.

  The present invention describes, but is not limited to, a system having 9-channel programs that are dual encrypted by this embodiment. These nine channels are digitally encoded using a packet identifier (PID) that identifies a packet corresponding to a particular one of the nine programs. In this specific example, these nine programs have video PIDs with numbers 101 to 109 and audio PIDs with numbers 201 to 209. The encryption in this embodiment is random between programs (random program-to-program), and packets from other programs may be encrypted simultaneously. A specific example is M = 6 and N = 2, and is shown in Table 7 below as an example of encrypting only a video packet, but this does not limit the present invention. This method need not be content-aware. In Table 7, PK1 represents packet number 1, PK2 represents packet number 2, and so on.

  In the specific example shown in Table 7, each program is encrypted completely independently of other programs using an encryption scheme of M = 6 and N = 2. Here, an example in which only a video packet is encrypted is shown, but in this embodiment or another modification, an audio packet may be encrypted. When this encryption is applied only to the video packet, the audio packet may be dual-encrypted or time-sliced as in the above-described embodiment. Alternatively, when this encryption is applied only to the audio packet, the video packet may be time-sliced similarly to the above-described embodiment.

  It will be apparent to those skilled in the art that various modifications can be made to the technique corresponding to the partial scrambling concept disclosed herein. For example, 5 clear packets, then 2 encrypted packets, 2 clear packets, 1 encrypted packet, and the following pattern (CCCCCEECECCCCCCCEEECCE ...) represent the partial encryption concept of the present invention. It is a modified example, and a random value of M and N, a pseudo-random value, or a semi-random value may be used for selecting a packet to be encrypted. By choosing random, pseudo-random or semi-random ("random" all inclusive) of the packet, hackers were able to algorithmically reassemble the packet and record it in post processing It becomes difficult to play scrambled content. Techniques for applying this information to other embodiments of partial encryption described below will be apparent to those skilled in the art. Some embodiments can be used in combination to further increase content security.

Data structure encryption In another partial encryption method according to an embodiment of the present invention, encryption is performed for each data structure. For example, one data structure to which encryption can be suitably applied is an MPEG video frame, but is not limited thereto. In this specific example, in the specific example shown in Table 8, one video frame is encrypted every 10 frames (here, only the video frame is encrypted), but this does not limit the present invention. In this embodiment, the encryption cycle for every 10 frames of each program is separate for each channel, but this is not a limitation of the present invention. This concept is based on video frames or audio frames (or some other data structure), eg time slicing or modification of the Mth N partial encryption sequence (or other pattern) where M = 10 and N = 1 It is an example. Of course, other values of M and N can be used in similar embodiments. In Table 8, F1 represents frame number 1, F2 represents frame number 2, and so on.

  Therefore, also here, two sets of PIDs corresponding to each encrypted program are added. As described above, when encryption is performed for each period in the system shown in the figure, the image cannot be basically viewed. In a nine program system that displays 30 frames per second, approximately 3 frames are encrypted per second. Even if the STB of a viewer who does not have the right to view a program tries to synchronize and play continuously, it can only acquire a partial still image. A viewer who subscribes to program viewing can easily view the program. The bandwidth cost of such an encryption configuration depends on the frequency band to which the encryption is applied. In the example described above, an extra factor of 1/9 of the data is transmitted for each program. In this specific example, a bandwidth equivalent to about one program is used. When the number of programs is increased, the number of packets encrypted for each program is reduced, and the security of the encryption system is slightly deteriorated. Similar to the randomized Mth N packet encryption method, a random frame may be selected. In the case of a video frame, by selecting a random frame, all frame types are affected-intra-coded frames (I-frames), forward-predicted-coded frames (P-frames). ), A bi-directional-coded frame (B frame) and a DC frame are guaranteed.

  In the modification of the present invention, an acceptable security level can be achieved even if the number of packets to be encrypted is further reduced. That is, for example, in the 9-program system, an allowable security level can be achieved only by encrypting one frame per second. In such a system, the overhead is one encryption period per second per program, that is, about 1/30 of data is transmitted in the overhead. Such a reduction in overhead can be said to be a significant improvement compared to a transmission loss of 50% of the bandwidth corresponding to the full dual carriage by the two encryption methods. As another modification of the present invention, an allowable security level can be achieved even if only an arbitrary video frame is encrypted. For example, by scrambling only I frames for MPEG content, bandwidth overhead can be further reduced while maintaining an acceptable security level. This can significantly reduce the bandwidth required for a full dual carriage.

Important Packet Encryption Bandwidth usage efficiency can be greatly increased by using selective dual packet-by-packet encryption technology. In this dual encryption technique, the packet to be encrypted is selected based on the importance of the appropriate program content to the audio and / or video data.

  In this embodiment, only a small part of the packet is scrambled, so that the bandwidth usage can be reduced as compared with the full dual carriage of the encrypted content. A clear packet is shared between two or more dual carriage PIDs. In a preferred embodiment, as described below, less than about 1% of the total content bandwidth is used. In the old encryption system, unencrypted program content packets can be received by both the old and new set top boxes. As described above, encrypted packets are dual carried and processed by each set top box in an appropriate CA scheme. Each CA system is orthogonal. In each CA method, key sharing is not necessary, and different keys may be used. For example, Motorola's proprietary encryption scheme can generate fast changing encryption keys with an embedded security ASIC, while NDS smart card-based systems change slightly later. Generate an encryption key. This embodiment works equally well with the older encryption schemes of Scientific Atlanta and Motorola.

  FIG. 6 shows a block diagram of a system 300 that dual-encrypts a part of a program for each packet as an embodiment of the present invention. In this system 300, the packets of each program are dual-encrypted using, for example, the old CA method A and the new CA method B. Packets to be encrypted are selected based on their importance and sent to the appropriate decoder for video and / or audio streams.

  In the system 300 shown in FIG. 6, the cable system head end 322 selects a packet to be encrypted of the A / V content 304 in the packet selector 316. The packets to be encrypted are selected such that their unreception (by an unpaid decoder) has a significant impact on real-time decryption of the program and any post-processing of the recorded content. That is, only critical packets (hereinafter referred to as critical packets) are encrypted. For video and audio packets, critical packet encryption is a “start of frame” that includes a PES (packetized elementary stream) header and other headers as part of the payload. This can be achieved by encrypting the transport stream packet. Without these pieces of information, the STB decoder cannot decompress MPEG compressed data. The MPEG2 stream identifies a “frame start” packet by a “packet Unit Start Indicator” in the transport header. In general, this scrambling technique can be realized by using a packet carrying a payload including a GOP header or a video sequence header.

  Compressed video data compliant with the Moving Pictures Expert Group (MPEG) format repackages an elementary data stream into a transport stream of some arbitrary payload containing 188 bytes of data. In this manner, the transport stream packet including the PES header is selected by the packet selector 316 as being encrypted, and is dual-encrypted by both the CA method A encryptor 318 and the CA method B encryptor 324. The The packet to be partially encrypted is duplicated and encrypted by the encryptor 324, and the PID of the duplicated packet is changed to the second PID in the second PID assigner 330 as in the above-described embodiment. Assigned. The remaining packets are passed clear. The clear packet, the packet encrypted by the CA method A, the packet encrypted by the CA method B, the system information 328, and the PSI 329 are multiplexed with each other and broadcast via the cable system 32. .

  Similar to the method described above, the old STB 36 receives clear data and data encrypted by the CA method A, and transparently combines the data decrypted by the CA method A 40 and the unencrypted data. To the decoder. In the new STB 336, the program is assigned to both the first PID and the second PID. A clear packet having the first PID is received and provided to the decoder. The encrypted packet with the first PID is discarded. The encrypted packet with the second PID is decrypted and re-inserted into the data stream for decoding (eg, by remapping the packet to the first PID).

  Taking video data as a specific example, each sample is called a frame, and the sampling rate is typically 30 frames per second. When encoding samples to conform to 3.8 Mbps, each frame occupies 127 kbits of bandwidth. The MPEG transport data is sliced into 188 byte packets, and the first packet of each frame includes a header that is used to indicate the processing of the body of the frame data. When dual encrypting only the first header packet (additional 1504 bits), the additional bandwidth required is only 1.2% (1504 / 127k). For a high definition stream (19 Mbps) this ratio is even smaller.

  As described above, in the embodiment of the present invention, it is desirable that the transport stream packet including the PES header is to be encrypted. These packets include a sequence header, a sequence extension header, a picture header, and quantization and other decoding tables that are also included in the same packet. If these packets cannot be decoded (ie, if a hacker tries to view an unauthorized program without paying a subscription fee), most of the program cannot be viewed. In many cases, trying to tune a program will only display a blank screen, and well-known decoder integrated circuits use PES headers to synchronize elementary streams such as video and audio in real time. I can't hear any sound. By encrypting the PES header, the decoding engine in the unauthorized set-top box cannot even start the operation. For example, post processing attacks on stored content are prevented by dynamically changing information in the packet including the PES header. It will be apparent to those skilled in the art that other critical or important packets or content elements may be encrypted to prevent unauthorized viewing without departing from the spirit of the present invention. For example, MPEG intra-encoded frames, i.e., I-frame picture packets, may be encrypted to limit viewing of the video portion of the program. This embodiment of the invention may be combined with any other embodiment, for example, encrypting a packet containing a PES header and random encryption, Mth N encryption, or data for other packets. Structural encryption may be applied. Video data may be encrypted using critical packet encryption, and other encryption schemes may be applied to the audio data. For example, the audio data may be dual-encrypted. Those skilled in the art can devise various modifications within the scope of the present invention.

  FIG. 7 is a flowchart illustrating a specific encoding process applied to, for example, the head end 322 shown in FIG. When a transport stream packet is received, step 350 examines the packet and determines whether this packet meets the selection criteria for encryption. In the preferred embodiment, the selection criteria is the presence of a PES header as part of the packet payload. If this selection criterion is not met, the packet is passed as a clear, unencrypted packet (C) and inserted into the output data stream at step 354. If the packet meets this selection criteria, in step 358, the packet is encrypted with CA encryption scheme A to generate an encrypted packet EA. Further, this packet is duplicated, and in step 362, the duplicated packet is encrypted by the CA encryption method B to generate an encrypted packet. In step 366, this encrypted packet is mapped to the second PID, thereby generating an encrypted packet EB. In step 354, the encrypted packets EA and EB are inserted into the output data stream along with the clear packet C. Preferably, the encrypted packets EA, EB are inserted in the data stream at the position where the original single packet was removed for encryption, so that the sequence of data is essentially the same. Good.

  When the output data stream generated in step 354 is received by an STB conforming to CA encryption method B such as STB 336 shown in FIG. 6, for example, as shown in FIG. 8 (similar to FIG. 5). The program decodes and decodes the program. When a packet having the first PID or the second PID is received, it is determined in step 370 whether the packet is clear (C) or encrypted based on CA encryption method A (EA). In step 374, it is determined whether the packet is encrypted based on the CA encryption method B (EB). If the packet is clear, it is passed directly to the decoder 378. In some embodiments, the first (second) packet is based on a relative position such as whether the first (second) packet is in front of or behind the second (first) packet. Packets may be detected in the stream. In this case, it is not particularly necessary to confirm the scramble state of the first packet. If the packet is an EA packet, in step 380, the packet is discarded. If it is a packet EB packet, the packet is decoded in step 384. At this point, in step 388, the second PID packet and / or the first PID packet is remapped to the same PID. Then, the decoder 378 decodes the decoded packet and the clear packet.

  With the dual partial encryption method described above, bandwidth requirements can be greatly reduced compared to the full dual carriage case. The encryption of PES header information is effective in ensuring the safety of video and audio content, and this allows two or more CA systems to be independently co-existed within the same cable system. " In this case, there is no effect on the old A-type set-top box, and the B-type set-top box may be slightly expanded in hardware, firmware, or software to refer to two PIDs for video and audio data. Good. Old and non-old STBs maintain their basic CA scheme. The headend change is limited only to selecting the content to be encrypted, that is, the second encryptor, the encrypted packet and the unencrypted packet are mixed and output A circuit for generating a stream (composite output stream) may be provided.

  In one embodiment, the headend device encrypts as much content as the bandwidth allows, not just the critical PES header, depending on the situation. These further encrypted packets may be packets in the PES payload or other packets in the video / audio frame, which further increases the security of the content.

SI encryption (SI ENCRYPTION)
FIG. 9 shows a specific configuration of a system 400 that minimizes the need for additional bandwidth. In this example, system 400 takes advantage of the fact that system information (SI) 428 is required to tune a program in a set top box. In a cable system, SI is transmitted out-of-band, that is, at a frequency other than the frequency of a normal viewing channel. In addition, SI may be transmitted in-band. When transmitting in-band, SI 428 is duplicated for each stream and transmitted with each stream. For the sake of illustration, it is assumed that the SI supplied to the “old” set top box is separated from the SI supplied to a new set top box such as STB 436, for example. Thus, each version of SI 428 is individually encrypted using CA method A 418 and CA method B 424. Clear video data 404 and clear audio data 406 are delivered in a clear format, but SI 428 is required to indicate that this is clear.

  The SI includes frequency tuning information for each channel along with information such as channel name and program guide information including, for example, program name and start time. Digital channels are multiplexed with each other and transmitted via specific frequencies. In an embodiment of the present invention, the SI information is encrypted and can only be used by authorized set-top boxes. If SI information indicating allocation of all A / V frequencies in the system (plant) is not received, tuning cannot be performed.

  The channel frequency may be offset from the standard frequency in order to modify the set top box to disable hacking attempts to attempt frequency or scan. Furthermore, the frequency may be dynamically changed daily, weekly, or in other cycles, or randomly. The head end of a typical cable system uses about 30 frequency bands. Each frequency is often selected so that there is no interference between each other, between the terrestrial broadcast signal, and the frequency used as the clock for the receiving device. Each channel has at least one independent alternate frequency that does not cause interference when used, or when used, changes the frequency of an adjacent channel. Therefore, the actual possible frequency maps are 230 or 107 × 109. Here, the hacker may simply act to try each of the 30 channels for both frequencies of each station. Upon successful identification of the frequency providing the content, the hacker's set-top box analyzes the PSI 429 and obtains information about the individual PIDs that make up the program. Here, it is difficult for the hacker to specify that “program 1” is a program “CNN” and “program 5” is a program “TNN”. Such information is encrypted as described above and transmitted with SI that cannot be used in an unauthorized set-top box. However, if each of the contents distributed by hackers is selected and examined, the correspondence between the program and the station can be grasped. In order to prevent such channel identification, the allocation of programs in a single stream is changed according to the time, for example, the program 1 and the program 5 in the specific example described above are replaced, and “program 1” is changed to “TNN”. ”, And“ program 5 ”may be changed to“ CNN ”to confuse the hacker. Alternatively, the program may be moved to a completely different stream based on a completely new program grouping. The head end of a typical cable system has the ability to distribute the content of 250 programs, including music programs. Each program can be uniquely selected. 250 possible reordering combinations! (Factorial). If there is no map of content provided by either the delivered SI or the hacker, the user must select a program at random and see if the program is of interest. Disappear.

  Thus, in the head end 422, the video signal 404 and the audio signal 406 are supplied in a clear (unencrypted) format, and the SI 428 is distributed via a cable network based on a plurality of CA systems. . Therefore, in the system 400 shown in this specific example, the clear SI 428 is supplied to the encryptor 418, and the encryptor 418 encrypts the SI 428 using the encryption method A. At the same time, the clear SI 428 is also supplied to the encryptor 424, and the encryptor 424 encrypts the SI 428 using the encryption method B. Next, the clear video signal 404, audio signal 406 and PSI 429 are multiplexed together with the encrypted SI (SI A) from the encryptor 418 and the encrypted SI (SI B) from the encryptor 424. The out-of-band system information 428 is replaced.

  After being distributed via the cable system 32, the video data, audio data, system information A, and system information B are all supplied to the set top box 36 and the set top box 436. In STB 36, the encrypted SI is decrypted in CA system A40, and channel selection information is provided to the set top box. The set top box 36 selects a specific program and displays it on the television receiver 44. Similarly, in the STB 436, the encrypted SI is decrypted in the CA system B440, and channel selection information is provided to the set top box, so that a specific program is selected and displayed on the television receiver 444. become able to.

  This method has an advantage that it is not necessary to prepare an additional A / V band in a content distribution system such as a cable system. Here, only SI is dual carried. No special hardware is required. Most tuners can easily adapt to any offset frequency from the standard frequency. SI decoding may be performed by software or may be performed with the help of hardware. For example, an older Motorola set-top box uses a hardware decoder embedded in a decoder integrated circuit chip to deliver SI delivered to the Motorola set-top box via an out-of-band frequency band. Has the ability to decrypt

  There is also the possibility that a hacker uses a spectrum analyzer on a coaxial cable to identify the A / V channel. Furthermore, although this process takes a relatively long time, a hacker may modify the set top box to automatically scan the frequency band and specify the A / V channel. If the A / V channel frequency is changed dynamically, hackers must continually analyze or scan the band, which can frustrate the hacker's behavior. Further, the program number and assigned PID may be changed. However, if the frequency, program number, and PID are dynamically changed, for example, processing in a service provider such as an operator of a cable system becomes complicated.

Comprehensive expression (GENERALIZED REPRESENTATION)
Each method described above can be comprehensively expressed as the system 500 of FIG. The system 500 includes a cable system head end 522 that includes clear video data 504, clear audio data 506, SI 528, and PSI 529, which are controlled by an intelligent processor. The switch 518 is selectively switched via the switch 518, and the switch 518 performs PID allocation (in the embodiment requesting PID allocation or re-allocation), and selectively selects each of the above-described data in the CA scheme A520 or CA scheme. B524 is supplied to the cable system 32 in a clear format. As before, the program or SI encrypted by the old CA method A is correctly decrypted by the STB 36. The information encrypted by the CA method B is detected, decrypted, and decoded by the STB 536 as described above.

Consideration regarding PID mapping The above-described concept of PID mapping can be applied to the dual partial encryption method described here, if necessary. In general, at the cable system headend, the data stream of packets is manipulated to replicate the packets selected for encryption. These packets are duplicated and encrypted based on two different encryption schemes. Duplicated packets are assigned individual PIDs (one of which corresponds to the old CA PID used for clear content) and these packets are the original selected in the data stream. Inserted at the position of the packet and transmitted through the cable system. From the head end of the cable system, an old-style encrypted packet having the same PID and a stream of clear packets are output. The second PID indicates that the packet is encrypted with a new encryption method. In addition to PID remapping performed at the headend, MPEG packets utilize a continuity counter to maintain an appropriate sequence of packets. In order to ensure that proper decoding takes place, it is necessary to maintain this continuity counter properly while generating a packetized data stream at the headend. This is accomplished by allowing packets with each PID to be continuously assigned to the continuous counter in the normal manner. As a result, the packet having the second PID has a continuous counter that is independent from the continuous counter of the first PID. This is shown in simple form below. Here, PID025 is the first PID, PID125 is the second PID, E represents an encrypted packet, C represents a clear packet, and the number at the end is a continuous counter Represents.

  In this exemplary packet segment, the packet with PID 025 has its own sequence of consecutive counters (04, 05, 06, 07, 08, 09,...). Similarly, the packet having the second PID 125 has its own sequence of consecutive counters (11, 12,...). In the STB, the PID can be processed in any number of ways, and the encrypted packet with the second PID is properly associated with the correct program. A specific example of the input stream segment including the packet header is shown below.

  By processing this input stream, the following output stream segment is generated.

  The first PID (025) is replaced with the second PID (125) for the clear packet (C) in the input stream. For the encrypted packet, the first PID and the second PID are maintained, but the continuous counter is replaced. Thereby, the stream of packets can be correctly decoded and decoded without causing an error due to loss of continuity by using the second PID. In addition to the embodiment of the present invention, as another method related to the processing of PID, for example, the PID (125) of an old packet that has been scrubbed may be mapped to NOP PID (all 1) or other PID values that are not decoded. Alternatively, a continuous counter may be used.

  The first and second PIDs are included in a broadcast program map table (PMT) transmitted as part of a program specific information (PSI) data stream and supplied to the STB. The presence of the second PID can be ignored by STBs that operate based on CA encryption scheme A (the “old” scheme), while new STBs that operate based on CA encryption scheme B , Programmed to recognize that the second PID is being used to transmit an encrypted portion of the program associated with the first PID. The set top box is informed that the encryption scheme is used due to the presence of the CA descriptor in the basic PID “for loop” of the PMT. There is usually a CA descriptor for the video basic PID “four loops” and another CA descriptor for the audio basic PID “four loops”. The CA descriptor uses a private data byte to identify CA_PID as an ECM PID or a second PID used for partial encryption, thereby allowing STB operation to be performed in a single program. The method B is set to detect the first and second PIDs related to. Since the PID field in the transport header is 13 bits long, 213, that is, 8192 PIDs can be used, and any spare PID may be used as the second PID as needed.

  In addition to assigning a PID to each program component or a selected portion of the program component, a new PID may be assigned to the tag ECM data used in the second encryption scheme. Each assigned PID number is designated as a stream type defined by the user so as not to interfere with the operation of the old STB. In MPEG, such a number of spare blocks are defined as data stream types defined by the user.

  PID mapping at the cable head end is a conceptually simple process, and in fact, the cable head end equipment already supports such mapping, and thus the minimal of existing cable systems. Such a method can be realized at low cost by modification. How this scheme is implemented in the cable system headend depends on the actual old hardware in the headend, as will be described in detail later with a specific example.

Headend Implementation The above-described embodiments described with reference to FIGS. 2, 3, 6, 9, and 10 are somewhat conceptual in nature and generally relate to various embodiments of the present invention. Those skilled in the art will appreciate that they are used to explain general ideas and concepts. In order to realize the present invention practically, in the real world, it is necessary to realize cost-effective implementation of various partial encryption methods in the existing old headend devices of cable providers that have already been established. It will be apparent to those skilled in the art that there are significant problems. Here, taking the two old cable systems as specific examples, how the above-described method is realized at the cable head end will be described.

  First, consider the cable system headend using Motorola's conditional access technology. In such a system, in order to realize dual partial encryption at a low cost, a change as shown in FIG. 11 can be performed. In a typical Motorola system, Headend In The Sky (hereinafter referred to as HITS) or a similar system, the signal is supplied from a satellite. In this scheme, a receiver / descrambler provided by a cable provider, for example, a Motorola Integrated Receiver Transcoder (IRT) model IRT1000 and IRT2000 and a Motorola Modular Processing System (MPT), etc. / Provide aggregated digitized content to be received by the scrambler system 604. A clear stream of digital television data can be obtained from the satellite descrambler function block 606 of the receiver / descrambler / scrambler system 604. This clear stream is processed by a new functional block shown as a packet selector / duplicator 610. The packet selector / duplicator 610 can be implemented as a programmed processor or as hardware or software and combinations thereof.

  The packet selector / duplicator 610 selects a packet to be dual encrypted based on any of the dual partial encryptions described above. These packets are duplicated and given a new PID so that they can be identified in later encryption. For example, if a packet associated with a particular program supplied to the packet selector / duplicator 610 has a PID “A”, the packet selector / duplicator 610 identifies the packet as a packet to be encrypted, and And PID “B” and PID “C” are remapped to these packets, respectively. Thereby, in the later encryption, these packets can be specified according to two different systems. Preferably, the duplicated packet is inserted adjacent to each other together with PID “B” and PID “C” at the position of the original duplicated packet of the data stream. As a result, these packets maintain their original positions (however, there will be two packets at positions where there was only one packet in the original data stream). Here, it is assumed that the new CA method to be added is NDS encryption. In this case, PID “A” represents a clear packet, PID “B” represents a packet encrypted by the NDS method, and PID “C” represents a packet encrypted by the Motorola method. At this point, the packet having the PID “B” may be encrypted by the packet selector / duplicator 610 using the NDS encryption method, or may be encrypted later.

  Packets with PID “B” and PID “C” are returned to the receiver / descrambler / scrambler system 604, where packets with PID “C” are control schemes 614 associated with Motorola equipment. Based on the above, the cable scrambler 612 performs encryption by the Motorola encryption method. The output stream from the cable scrambler 612 is fed to a further new device, the PID remapping and scrambler 620, which performs the remaining packets on the data received from the cable scrambler 612. PID “A” to PID “C” are remapped to the packet, and the packet having PID “B” is encrypted using the NDS encryption algorithm based on the control by the control method 624. The output stream 626 is duplicated and selected with a clear unencrypted packet with PID “C” and a packet with PID “C” that is duplicated, selected, and encrypted by a Motorola encryption scheme. , And a packet having PID “B” encrypted by the NDS encryption method. This stream is modulated with a modulator 628 (eg, by quadrature amplitude modulation (hereinafter referred to as QAM) or RF modulation) for distribution over a cable system. In the preferred embodiment, in order to maintain compatibility with audio and video PIDs used in older program specific information (PSI), unencrypted packets with PID “A” are assigned PID “C”. Map to match the scrambled packet marked with. Control computers, scramblers, and older set-top boxes have only knowledge about PID “C”. Alternatively, the scrambled packet with the PID “C” may be mapped to the PID “A”, but in this case, the automatically generated PSI is edited and the PID remapping is performed. In the scrambler 620, the PID number from the PID “C” needs to be reassigned to the PID “A”.

  In the above embodiment, the PID remapping and scrambler 620 can also be used for duplicating the PSI information. In this case, the PID remapping and scrambler 620 can change the PSI information to change the CA description in the PMT. (Use) The modified PSI information may be multiplexed back into the data stream to reflect the addition of NDS encryption. Further, in the PID remapping and scrambler 620, an ECM that supports NDS encryption may be inserted into the data stream (or may be inserted by the packet selector / duplicator 610).

  Thus, to add an NDS encryption scheme (or other encryption scheme) to the cable system headend using Motorola equipment, the packet is duplicated and the PID in the data stream from the satellite descrambler is Remapped The remapped PID is used to specify a packet to be scrambled based on each CA scheme. When adopting the old encryption method, the clear packet PID is remapped so that both the clear packet and the encrypted packet in the old method share the same PID (or multiple PIDs). . PID remapping and PID remapping in the scrambler 620 and packet selection and duplication in the packet selector / duplicator 610 can be a programmed processor or a custom or semi-custom integrated circuit such as an application specific integrated circuit. Alternatively, a programmable logic device or a field programmable gate array may be used. These can also be realized in other ways without departing from the scope of the invention.

  FIG. 12 shows a similar equipment configuration used to implement dual partial encryption according to the present invention at the cable head end of Scientific Atlanta. In this embodiment, a HITS signal or similar signal is received at an IRD 704 in which a satellite signal descrambler 706 is incorporated. This may be a Motorola IRT or MPS with the satellite signal descrambler function enabled. The output signal from the satellite signal descrambler 706 is a clear data stream that can be processed by the new packet selector / duplicator 710, which selects the packets to be packet encrypted and duplicates them. The PID of the duplicated packet is mapped to a new PID. Here, for example, PID “A” is assigned to a packet that remains clear, and PID “B” is assigned to a packet to be encrypted by a new method (for example, NDS). A PID “C” is assigned to a packet to be encrypted by this method. At this time, the packet with the packet PID “B” is encrypted by the NDS encryption method.

  The stream of packets is supplied to a multiplexer 712 (eg, a Scientific Atlanta multiplexer), and the multiplexer 712 receives a PID “C” in a cable scrambler 714 under the control of a control scheme 718 associated with the multiplexer 712. The existing packet is encrypted using the Scientific Atlanta encryption method. The data stream is then supplied to the QAM modulator 720 within the multiplexer 712. In order to correctly remap the packet, the QAM modulated signal output from the multiplexer 712 is supplied to a new processing unit 724, where the QAM modulated signal is demodulated by the QAM demodulator 730 and then PID remapped. In the mapper 734, the clear PID “A” packet is remapped to the PID “C” under the control of the control method 738. Encryption based on the NDS encryption algorithm is also performed here, not the packet selector / duplicator 710. The data stream in which the PID is remapped and the dual partial encryption is QAM modulated and / or RF modulated by the QAM and RF modulator 742 is distributed via the cable system.

  In the above-described embodiment, further, PID remapping and scrambler 734 are used to demultiplex PSI information, add NDS encryption to PSI information (add CA descriptor to PMT), and change The converted PSI information is returned to the data stream. In the PID remapping and scrambler 734, an ECM may be inserted into the data stream to support NDS encryption (or it may be inserted by the packet selector / duplicator 710). PID remapping and PID remapping and / or scrambling in scrambler 734, QAM demodulation and QAM modulation by QAM demodulator 730 and QAM and RF modulator 742, and packet selection and duplication in packet selector / duplicator 710 are programmed. Or a custom or semi-custom integrated circuit such as an application specific integrated circuit, a programmable logic device or a field programmable gate array. These can also be realized in other ways without departing from the scope of the invention.

  With the above-described embodiment of the present invention, the old scrambling device can scramble only the desired packets in the elementary stream, not all the elementary streams. The selective scrambling of an arbitrary packet is realized by attaching a predetermined PID number such as PID “A” to a packet that does not need to be scrambled in the elementary stream. For example, PID “C” is added to the scrambled packet. The scrambler scrambles the packet with the PID “C” (selected when scrambled). After being scrambled, the unscrambled packet has the same PID number as the PID number mapped to the scrambled packet, and PID “A” becomes PID “C”. Older set top boxes receive elementary streams with both scrambled and unscrambled packets.

  The packets in these embodiments are processed as a stream. The entire stream is fed to an old scrambling device for scrambling. This keeps all packets in the correct time synchronization order. When packets are extracted from the stream and fed to older scrambling devices, time jitter may be introduced. In this embodiment, this problem is avoided by maintaining all packets in the stream. In this embodiment, the old scrambler does not participate in the packet remapping process, ie, the remapping process from the packet PID “A” to the PID “C”, and therefore requires cooperation from the manufacturer of the old scrambler. And not. This remapping has the advantage that it is not necessary to change the PID “C” processed by the PSI generated by the old scrambling device. Older systems have knowledge of PID “C” but not PID “A”. The overall elementary stream to be scrambled by the old scrambler is indicated by a single PID that the scramble system is instructed to scramble.

  In the above-described embodiment, the NDS used as the second encryption method is an example and does not limit the present invention. In addition, two widely used schemes, namely Motorola and Scientific Atlanta, have been described by way of example, but other older systems have been similarly modified with PID remapping and dual partial encryption. Can also be realized. In general, the techniques described above include a process 800 shown generally in FIG. In step 806, a feed is received, and in step 810, the feed is descrambled to generate a clear packet data stream. In step 814, a packet is selected according to the desired dual partial encryption scheme (eg, audio only, packet containing PES header, etc.). In step 818, the selected packet is duplicated and the duplicated pair is remapped to two new PIDs (eg, PID “B” and PID “C”). In step 822, the copied packet is encrypted based on the PID (ie, the packet with PID “C” is encrypted based on the old encryption method, and the packet with PID “B” is encrypted with the new encryption). Encrypt based on the method). In step 826, the PID of the clear packet (eg, PID “A”) is remapped to the same PID as the PID (PID “C”) of the packet encrypted in the old fashion.

  The execution order of the steps of the process 800 shown in FIG. 13 may be variously changed depending on the specific old scheme that is changed to include the dual partial encryption configuration used. For example, encryption based on a new encryption method may be performed at the time of duplication, and as shown in FIGS. 11 and 12, when remapping an old packet later (see FIG. 13) Various demodulation and re-modulation processes may be performed as needed to accommodate specific old-style schemes to be used (not shown).

Realization of Set Top Box Various set top box configurations can be used within the scope of the present invention. The method of selecting a packet for encryption at the head end is irrelevant to the STB.

  One such implementation is shown in FIG. In this embodiment, packets from the tuner and demodulator 904 are supplied to the demultiplexer 910 of the decoder circuit 908. The packets are buffered in the memory 912 (eg, using a unified memory architecture) and processed by the STB main CPU 916 that operates based on software stored in the ROM memory 920.

  The selected PID is extracted from the supplied transport stream by the STB PID filter and prepared for transfer to a hard disk drive (HDD) in a personal video recorder (PVR) application. In the same manner as the initial processing necessary for the above, it is decoded and buffered in a synchronous dynamic random access memory (hereinafter referred to as SDRAM). The host CPU 916 filters the data buffered in the “manually” SDRAM and excludes packets that contain unnecessary PIDs. There are several obvious obvious side effects in this process.

  The host CPU overhead is estimated to be about 1% of the CPU bandwidth. In the worst case, this overhead corresponds to 40 Kbytes / second in a 15 Mbit / second video stream. The data to be evaluated is only 4 bytes at most for each packet, and these appear at intervals of 188 bytes, so there is no need to consider the data in between, and this reduction is possible. It is. Therefore, each packet header in the SDRAM can be read directly by a simple operation of the memory pointer. Furthermore, since the packets are cached in blocks and evaluated together, the switching task of the host CPU can be reduced.

  As a result, it is possible to avoid interrupts in other tasks each time a new packet is received. In such processing, the waiting time for starting decoding is increased by the time required to fill the cache when the channel is changed. Such a waiting time can be ignored depending on the buffer size of the allocated SDRAM cache.

  The packet filtered by the host CPU in the SDRAM buffer is transferred to an A / V queue (A / V Queue) by an existing hardware DMA process to imitate the operation of the PVR.

  FIG. 15 shows a second configuration example of the set top box. The RISC processor A / V decoder module 934 in the decoder IC 930 processes the partial transport PID and performs extraction and combination for decoding, so that the firmware in the decoder IC 930 is based on the criteria in each packet header, Individual packets in the partial transport stream can be excluded. Alternatively, the demultiplexer 910 may be designed to exclude packets. Packets scrambled by the old method pass through the CA module while being encrypted. Decoder IC 930 is used to remove packets scrambled by the old scheme, and packets that are encrypted by a new encryption algorithm (eg, NDS) are adjacent to packets encrypted by the old scheme. (Or at least prior to the next first stream video packet), the exclusion of obsolete packets effectively results in a single clear stream in the header strip and video queue. Will be merged.

  FIG. 16 shows a third configuration example for performing partial encryption in the set-top box. In this embodiment, an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), and a programmable logic device provided between a tuner and demodulator 904 and a decoder IC 908 are provided. PID remapping is performed by (programmable logic device: PLD) 938 or other specially designed circuits. As a modification of this embodiment, the decoder IC 908 may be changed so that PID remapping is performed in the demultiplexer 940. In either case, packets that were encrypted by the old-style scheme are excluded and non-old-style packets are remapped by circuit 938 or demultiplexer 940.

  This third method may be realized by using a PLD shown in FIG. 17 in one embodiment. In this embodiment, it is assumed that only a maximum of one encrypted packet with a particular PID appears in succession, and therefore (as will be described later), for example, with the M th N encryption configuration described above. Change the configuration to accommodate the burst of encrypted packets. The input stream passes through a PID discriminator 950 that demultiplexes the input stream based on the PID. The continuous counter checker 958 checks the continuity of the first PID packet. If an error is detected in continuity, at block 960, this error is detected and the counter is reset.

  The original input packet stream contains packets tagged with a number of PIDs. The PID discriminator 950 separates a packet having two predetermined PIDs (first and second PIDs) from all other packets. This functionality may be extended to handle multiple pairs. These other packets are bypassed directly to the revised output stream. This process causes a 3-byte or 4-byte clock delay.

  The packet having the second PID is routed by the PID discriminator 950 to the continuous counter checker 954, and the continuous counter checker 594 verifies the integrity of the sequence for this PID. Block 956 detects an error, but the handling of this error will not be described in detail because it is not directly related to the present invention. A value indicating the continuity of the packet is saved for later use in confirming the sequence of packets. The continuity counter verifier 958 checks the corresponding continuity for the packet having the first PID using an independent first counter, and again an error is detected at block 960.

  At block 962, it is determined whether the second packet has a second flag. This Boolean indicator is used to store that the second packet has been processed since the last clear packet. In this example, there is an error if there are two or more second packets between clear packets, and this error is detected at block 964. The presence of the second packet is indicated for further processing by setting a second flag at block 966.

  The second packet continuity counter is changed at block 968 to match the sequence of clear packets. At block 958, the data for this substitution is derived from the value used to verify the continuity of the first stream in the continuous counter verifier 958. The modified packet is output from block 968 and merged into the modified stream, thereby generating an output stream.

  After packets having the first PID are verified for continuity at the continuity counter verifier 958, these packets are distinguished at block 970 by a scramble flag in the header. If the packet is scrambled, at block 974, a first flag is requested. This first flag, the Boolean indicator, is used to store that the first packet has been processed since the last clear packet. In this example, there is an error if there are two or more first packets between clear packets, and after this error is detected at block 976, the packet is deleted at block 978. The presence of the first packet is indicated for further processing in block 978 by setting the first flag. If the user using the encrypted packet is not on the downstream side, the packet may be deleted at block 978. In some situations, it may be necessary to continue this packet (in this case, the continuation counter can be excluded and the second continuation value can be used).

  If a clear packet is detected by the scramble check of the first PID at block 970, the state of the second and first flags is checked at block 984. Since encrypted packets always exist as a pair, a valid condition is either when both of these pairs do not exist or when both exist. The situation where only one of these pairs exists is determined to be an error at block 988. However, in this embodiment, the order of appearance does not matter. As a technique for attaching a flag for deletion to the first packet, for example, a transport header bit such as a transport priority bit (TRANSPORT_PRIORITY) may be scrambled, or other techniques may be used. In addition, no bits are used, for example, simple location information of the first (second) packet, such as whether the first (second) packet is before or after the second (first) packet. May be used as an indicator.

  The clear packet PID value with the first PID is changed to the second PID at block 992 and then incorporated into the changed output stream. Alternatively, a packet having the second PID may be remapped to the first PID value. Once the correct PID (either the first or second PID) for decoding the content is supplied to the decoder, the content can be decoded. The presence of a clear packet is indicated by the first or second Boolean flag.

  In all the embodiments described above, even if the replacement tag is attached to the series of first packets, the second packet can be inserted adjacent to the first packet to be replaced. Note that in some embodiments, headend partial scrambling may be performed when a plurality of encrypted packets can be inserted into a stream without the second packet interposed. In order to include a plurality of consecutive encrypted packets in the stream (eg, as in the Mth N partial encryption scheme), the use of the first and second flags can be changed to a counter matching test function. function). In this case, instead of the blocks 962, 964, and 966, the second encrypted packet counter is incremented. In place of the blocks 970, 974, 976, 980, the first encrypted packet counter is incremented. Block 984 is replaced with a comparison of first and second encrypted packet counters to confirm that the same number of encrypted packets have been received from the first and second paths. Also, instead of clearing the flag in block 992, here, this variant of resetting the counter allows multiple encrypted packets to be received continuously, comparing the number of packets received. The integrity of the data stream can be monitored. Those skilled in the art can conceive of other variations.

  The function described above with reference to FIG. 17 is used in a commercially available set-top box, and is an A / C having a function equivalent to the function of a Broadcom series 70xx or 71xx decoder available on the market. It may be integrated into the V decoder chip. FIG. 18 is a block diagram of such a decoder chip. Here, the functions already provided in the commercially available chip are basically not changed. Usually, commercially available decoder chips are designed on the assumption that there is a one-to-one correspondence between PID and program components (eg, audio, video).

  The decoder shown in FIG. 18 can process the first PID and the second PID of the main audio, the main video, and the secondary video used for the picture-in-picture (PiP) function. In this embodiment that allows multiple PIDs to be programmed into the decoder via a connection to the CPU, the raw data stream is demultiplexed based on the PID described above with reference to FIG. Received by the packet sorter 1002 having the same function as Preferably, the decoder shown in FIG. 18 implements the PID sort function in the packet sorter 1002 using hard-wired logic instead of programmed software. The program guide and stream navigation information are output for use by the STB CPU, for example. Packets associated with the main audio program are buffered in the FIFO 1006, then decoded by the decoder 1010, buffered in the buffer 1014, and read by the MPEG audio decoder 1018 when needed. The decoded MPEG audio signal is output as an output signal from the decoder.

  Similarly, packets associated with the main video program are buffered in FIFO 1024, then decoded by decoder 1028, buffered in buffer 1032, and read by MPEG video decoder 1036 when needed. The decoded MPEG video signal of the main channel is supplied to a later-described mixer 1040, from which it is output as an output signal from the decoder. Similarly, packets associated with picture-in-picture video are buffered in FIFO 1044, then decoded by decoder 1048, buffered in buffer 1052, and read by MPEG video decoder 1056 when needed. The decoded MPEG video signal of the picture-in-picture channel is supplied to the mixer 1040, where it is combined with the main channel video signal and output from there as an output signal from the decoder. Other packets not related to the main channel or picture-in-picture channel are deleted. Of course, other functions may be incorporated into or removed from the decoder chip without departing from the scope of the present invention.

Conclusion As mentioned above, some of the partial encryption configurations described above may be combined to further increase security in order to combat persistent attacks from hackers. For example, critical packet encryption may be combined with any of SI encryption, Mth N encryption, random encryption, time slice encryption, and other techniques to increase security. In one embodiment, as many packets as possible are encrypted as bandwidth permits. The amount of encryption depends on whether the content is a regular program, a premier program (eg, pay-per-view or VOD), the content is an adult program or a regular movie, or appropriate for various cable operators. It may be determined according to the level of safety to be allowed. It will be apparent to those skilled in the art that various other combinations are possible to further enhance the security of the encryption without departing from the scope of the present invention.

  In the various embodiments described above, the present invention has been described with reference to a digital A / V system using MPEG2 encoding. Therefore, various packet names and protocols related to MPEG2 encoding and decoding were used. However, it will be apparent to those skilled in the art that the concepts disclosed and claimed herein are not limited to such scope. Similar or similar techniques are not limited to the MPEG2 protocol and can be implemented in any digital cable system. Furthermore, the method of the present invention is used in, for example, a content distribution method using terrestrial broadcasting and a content distribution method using the Internet, such as DirecTV (trademark), although not limited to the following. It may be realized in a content distribution method using a satellite such as a digital satellite service (DSS) and any other suitable content distribution scenario including a package medium (for example, CD or DVD). Various modifications based on these are equivalent to the technology described herein, and the embodiment of the MPEG2 cable system described as an example here is interpreted as a specific example for illustrating the present invention. Should.

  Furthermore, the present invention has been described with a specific example of decrypting a partially encrypted television program using a television set-top box. However, the decoding mechanism according to the present invention can be similarly realized in a television receiver without an STB, and can also be realized in a music player such as an MP3 player. These embodiments are also equivalent to the embodiments described here.

  Furthermore, although the present invention has been described in connection with an encryption scheme for providing a mechanism for dual partial encryption of television programs, a partial encryption scheme can be a single encryption scheme or two or more. The plurality of encryption methods in this encryption method can be used without limitation. More than one encryption scheme may be applied to the encrypted further replicated packet. In addition, an encryption key for one of the copied packets may be shared among a plurality of encryption methods. Further, although the special purpose of encrypting television programs has been described herein, the present invention is not limited to the following: content downloaded from the Internet or other networks, music content, Other content, including package media and these other types of information content, may be used to encrypt alone or dual partial encrypt. Further, without departing from the scope of the present invention, these contents are not limited to, for example, personal digital assistant (PDA), personal computer, personal music player, audio system. It may be played back on any playback device including an audio / video system.

  As will be apparent to those skilled in the art, the present invention has been described herein using exemplary embodiments that can be implemented using a programmed processor. However, the invention is not limited to such embodiments, and the invention can be implemented using hardware component equivalents such as special purpose hardware and / or dedicated processors. Such an implementation is equivalent to the invention disclosed herein and claimed in the claims. Similarly, a configuration equivalent to the embodiment of the present invention is constructed using a general-purpose computer, a computer using a microprocessor, a microcontroller, an optical computer, an analog computer, a dedicated processor, and / or a dedicated hard-wired logic circuit. You can also.

  Further, the programming steps for realizing the above-described embodiments and the data associated therewith can be read out without departing from the scope of the present invention. It can also be realized by using a Memory (RAM) element, an optical storage device, a magnetic storage device, a magneto-optical storage device, a flash memory, a core memory, and / or other equivalent storage technology. Storage devices similar to these can be regarded as equivalents.

  The present invention is broadly described above using flowcharts and can be implemented using a programmed processor that executes programming instructions that can be stored on or transmitted over a suitable electronic storage medium. it can. It will be apparent to those skilled in the art that the processing described above can be variously modified without departing from the scope of the present invention and can be described using a variety of suitable programming languages. For example, the order of operations performed can be changed without departing from the scope of the invention, and other operations can be added or some operations can be omitted. Further, error correction processing may be added and / or extended without departing from the scope of the present invention, and the user interface and displayed information may be variously changed. These variations are also considered equivalent.

  Although the present invention has been described using specific embodiments, those skilled in the art can devise many alternatives, modifications, variations, and variations from the above description. These alternatives, modifications, changes, and variations are within the scope of the present invention.

Claims (7)

A demodulator that demodulates a stream of modulated packets comprising a clear packet having a first packet identifier, an encrypted packet having a second packet identifier, and an encrypted packet having a third packet identifier When,
A remapping unit that changes the packet identifier such that a clear packet having the first packet identifier and an encrypted packet having the second packet identifier have the same packet identifier ;
An encryptor for encrypting a packet having the third packet identifier with an algorithm different from an algorithm for encrypting the packet having the second packet identifier;
The provided, said packet having a third packet identifier comprises a packet identifier remapping device you comprising a clear packet.   The packet identifier remapping apparatus according to claim 1, further comprising a multiplexer that combines the remapped packets with packets having the third packet identifier to generate an output data stream. The modulated packet stream includes packets having system information;
The third further comprising claims 1 to 2 packet identifier remapping device according to any one of the changing means for changing the system information to identify the encryption method that encrypts a packet having a packet identifier. An input stream of packets consisting of an unencrypted packet having a first packet identifier, an encrypted packet having the first packet identifier, and an encrypted packet having a second packet identifier Receiving input means;
A packet identifier reading means for reading the packet identifier of the packet in the input stream of the packet and excluding the encrypted packet having the first packet identifier;
A packet identifier remapping circuit for remapping the second packet identifier to the first packet identifier to generate a remapped packet;
A circuit comprising: a multiplexer that multiplexes the remapped packet into an unencrypted packet having the first packet identifier to generate an output stream of the packet. The packet associated with the first packet identifier is encrypted based on the first encryption scheme, and the packet associated with the second packet identifier is based on the second encryption scheme. 5. The circuit of claim 4 , wherein the circuit is encrypted. Based on the packet identifier circuit of claim 4 or 5, wherein further comprising a demultiplexer for demultiplexing the output stream of the packet. Television receiver, television set-top boxes and circuit according to claim 4 to 6, wherein the built in at least one integrated circuit.

Images